Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/3Mx0tZ3iL8C6clkHghqxyLYZoPs.roa
File:                     3Mx0tZ3iL8C6clkHghqxyLYZoPs.roa (raw, json)
Hash identifier:          U7W5XAFCxBRwZCnA20yAeD3BFAgJkbdOKSvD12E2mKU=
Subject key identifier:   DC:CC:74:B5:9D:E2:2F:C0:BA:72:59:07:82:1A:B1:C8:B6:19:A0:FB
Certificate issuer:       /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial:       0185718C2C20D5B657E235D4A7F2C115C84D
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/3Mx0tZ3iL8C6clkHghqxyLYZoPs.roa
Signing time:             Mon 02 Jan 2023 08:14:49 +0000
ROA not before:           Mon 02 Jan 2023 08:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42688
IP address blocks:        37.157.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:2c:20:d5:b6:57:e2:35:d4:a7:f2:c1:15:c8:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
        Validity
            Not Before: Jan  2 08:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dccc74b59de22fc0ba725907821ab1c8b619a0fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:8b:d7:fd:d2:46:07:d5:4c:4e:d1:16:85:aa:
                    d5:d1:2b:96:50:3a:f0:74:15:a6:38:64:bd:ca:56:
                    82:39:3c:b0:4e:67:22:76:ef:36:98:b4:19:d1:fa:
                    38:ec:66:0d:02:a4:63:56:59:ab:d2:36:a0:f6:60:
                    97:02:13:67:eb:c6:be:e0:55:48:9c:c6:f9:54:f8:
                    9f:68:10:9b:3a:15:99:71:c7:ff:f2:19:a4:d4:95:
                    8d:66:46:41:7d:09:57:9a:36:e1:23:ac:44:d6:d5:
                    5d:6c:0e:8f:45:48:41:7e:00:f5:05:5d:8f:92:42:
                    a9:49:4c:65:18:d0:79:a6:ad:fc:0c:3c:ab:97:32:
                    8c:ea:e0:bc:b2:1b:b1:81:a8:a3:c6:89:b2:d8:79:
                    9f:59:93:fc:90:25:bb:af:ac:c6:07:25:da:0d:70:
                    4e:bb:7b:87:37:0a:18:fd:79:cd:b4:3d:8a:d5:1b:
                    6c:6e:1a:7d:0f:db:ae:d6:cf:20:79:c9:ec:d7:03:
                    5d:33:74:0b:b3:fa:0f:fd:e7:7c:31:15:3e:85:cb:
                    e6:ca:89:56:ec:81:ed:29:80:a9:26:c1:8f:b3:27:
                    22:5b:17:dd:a8:aa:ab:da:55:e7:60:03:e2:5c:67:
                    d8:cd:e3:0a:53:fb:87:a7:2b:c0:bd:ac:a5:bc:e6:
                    fc:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:CC:74:B5:9D:E2:2F:C0:BA:72:59:07:82:1A:B1:C8:B6:19:A0:FB
            X509v3 Authority Key Identifier:
                keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/3Mx0tZ3iL8C6clkHghqxyLYZoPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.157.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:3e:dd:9d:ff:d7:c8:fc:3c:5e:bc:8a:dc:bc:d7:e7:ed:4c:
         a6:69:fd:12:2a:8f:f4:ea:33:43:2a:6b:76:52:8e:c6:c9:31:
         5b:5e:ae:da:55:ba:8b:1f:0b:c7:34:7a:2d:ef:39:ce:48:5a:
         8c:7b:ed:7d:75:11:54:c9:c7:ea:4e:8f:bb:1a:42:1c:86:80:
         ec:f5:b0:fd:a7:65:aa:e0:12:d2:64:8e:18:1a:07:27:71:fa:
         26:e5:6b:69:f8:42:ee:5a:37:2b:b2:e8:fb:ea:28:3c:14:85:
         de:aa:91:47:2a:81:74:e6:60:ee:7b:56:7a:3a:c8:8a:59:dd:
         b2:d0:45:0d:3a:fe:7a:c7:99:8d:b0:cf:fb:99:2f:7d:3e:88:
         92:c9:b3:29:60:c7:91:e3:7f:e9:c7:1a:f2:5f:85:cd:48:7f:
         f1:13:ea:07:f1:32:ab:e0:52:3d:96:ba:be:96:49:64:1c:2a:
         de:d4:13:f3:b4:9a:b1:74:91:d4:4f:cd:4d:f6:8b:a6:1c:d7:
         94:57:07:d4:e9:17:a7:a2:5f:a4:5a:66:3d:52:77:fc:9a:ef:
         75:86:17:c7:84:35:b8:ba:79:0b:1e:ff:07:8c:b2:ac:e7:fa:
         ed:0b:ab:b6:aa:40:f3:75:d3:ec:0e:4d:83:17:35:24:52:6d:
         07:69:6e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjCwg1bZX4jXUp/LBFchNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NjNzRiNTlkZTIyZmMwYmE3MjU5MDc4MjFhYjFjOGI2MTlhMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIvX/dJGB9VMTtEWharV0SuWUDrw
dBWmOGS9ylaCOTywTmcidu82mLQZ0fo47GYNAqRjVlmr0jag9mCXAhNn68a+4FVI
nMb5VPifaBCbOhWZccf/8hmk1JWNZkZBfQlXmjbhI6xE1tVdbA6PRUhBfgD1BV2P
kkKpSUxlGNB5pq38DDyrlzKM6uC8shuxgaijxomy2HmfWZP8kCW7r6zGByXaDXBO
u3uHNwoY/XnNtD2K1Rtsbhp9D9uu1s8gecns1wNdM3QLs/oP/ed8MRU+hcvmyolW
7IHtKYCpJsGPsyciWxfdqKqr2lXnYAPiXGfYzeMKU/uHpyvAvaylvOb8lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzMdLWd4i/AunJZB4Iasci2GaD7MB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvM014MHRaM2lMOEM2Y2xrSGdocXh5TFlab1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZ3QMA0G
CSqGSIb3DQEBCwUAA4IBAQC9Pt2d/9fI/DxevIrcvNfn7Uymaf0SKo/06jNDKmt2
Uo7GyTFbXq7aVbqLHwvHNHot7znOSFqMe+19dRFUycfqTo+7GkIchoDs9bD9p2Wq
4BLSZI4YGgcncfom5Wtp+ELuWjcrsuj76ig8FIXeqpFHKoF05mDue1Z6OsiKWd2y
0EUNOv56x5mNsM/7mS99PoiSybMpYMeR43/pxxryX4XNSH/xE+oH8TKr4FI9lrq+
lklkHCre1BPztJqxdJHUT81N9oumHNeUVwfU6Renol+kWmY9Unf8mu91hhfHhDW4
unkLHv8HjLKs5/rtC6u2qkDzddPsDk2DFzUkUm0HaW4K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org